35 matches found
CVE-2018-16233
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...
CVE-2018-16233
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...
CVE-2018-16233
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter...
CVE-2018-16233
Technical details for CVE-2018-16233 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2018-10221
An issue was discovered in WUZHI CMS V4.1.0. There is a persistent XSS vulnerability that can steal the administrator cookies via the tagtag parameter to the index.php?m=tags&f=index&v=add&&su=wuzhicms URI. After a website editor whose privilege is lower than the administrator logs in, he can add...
Piwigo SQL Injection Vulnerability (CNVD-2018-06303)
Piwigo is a free and open source web photo album software. A SQL injection vulnerability exists in admin/tags.php in the admin panel in Piwigo before 2.9.3. An attacker can exploit this vulnerability by using the tags array parameter in the admin.php?page=tags request to perform a SQL injection...
CVE-2018-6189
F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...
CVE-2018-6189
F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...
CVE-2018-6189
F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...
CVE-2017-17871
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter...
Piwigo Batch Manager Component Cross-Site Scripting Vulnerability
Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing category, tag, time, etc. Batch Manager component is one of the manager components. A cross-site scripting vulnerability exists in the Batch Manager component in Piwi...
Fastspot BigTree CMS SQL Injection Vulnerability (CNVD-2017-35446)
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in the core/inc/auto-modules.php file in Fastspot BigTree CMS 4.2.19 and earlier versions. A remote attacker can exploit the...
CVE-2014-9916
Multiple cross-site scripting XSS vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 tribename or 2 tags parameter in a tribes page request to user/ or the 3 userid or 4 fullname parameter to signup.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 tribename or 2 tags parameter in a tribes page request to user/ or the 3 userid or 4 fullname parameter to signup.php...
Sql injection
Multiple SQL injection vulnerabilities in application/core/MYModel.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the 1 invoicenumber or 2 tags parameter to index.php/invoicesearch...